How to encrypt 2 files so can't be read

[Berol]

Using XP professional and my only hard drive is formated with the NTFS
volumn. Please explain, step by step, how to encrypt 2 files so only I may
have access. Do I need to start with entering my system with a password.
Would preferr not to have to do this as I am the only user and am only
encrypting 2 files. Is XP professional the best program to do this with or
is there another that would greatly increase the unlikelyhood of these files
being hacked by someone?

 

[VanguardLH]

in message

Using XP professional and my only hard drive is formated with the
NTFS
volumn. Please explain, step by step, how to encrypt 2 files so
only I may
have access. Do I need to start with entering my system with a
password.
Would preferr not to have to do this as I am the only user and am
only
encrypting 2 files. Is XP professional the best program to do this
with or
is there another that would greatly increase the unlikelyhood of
these files
being hacked by someone?

If you want to use EFS (encrypted file system) included in Windows XP
*Professional* the use Start -> Help and Support and read EVERYTHING
about EFS before using it, especially on exporting the EFS
certificate. Otherwise, look into other encryption utilities, like
TrueCrypt.

 

[Allan]

Using XP professional and my only hard drive is formated with the NTFS
volumn. Please explain, step by step, how to encrypt 2 files so only I
may
have access. Do I need to start with entering my system with a password.
Would preferr not to have to do this as I am the only user and am only
encrypting 2 files. Is XP professional the best program to do this with
or
is there another that would greatly increase the unlikelyhood of these
files
being hacked by someone?

Hi I have XP Home SP2 so I don't have EFS available. I recently installed
axcrypt and got it running in a few hours. You can have strong encryption
but be sure to remember the pass phrase and protect the AES-128 key on
removable media such as a floppy disk or USB flash drive. Any user can
access axcrypt and you don't have to password-protect the user accounts.
In case you have GNU gpg or PGP installed you can use that to digitally sign
the digital key and the encrypted files, but this is very much optional.
http://www.axantum.com/

Good luck,

 

[Marty K]

Using XP professional and my only hard drive is formated with the NTFS
volumn. Please explain, step by step, how to encrypt 2 files so only I may
have access. Do I need to start with entering my system with a password.
Would preferr not to have to do this as I am the only user and am only
encrypting 2 files. Is XP professional the best program to do this with or
is there another that would greatly increase the unlikelyhood of these files
being hacked by someone?

Go to TrueCrypt.org and download latest version of True Crypt. This
open source software will create a virtual encrypted volumes on your
hard drive that looks and feels like real hard drive. During the
creation of the virtual drive you assign a password/phrase that protects
the data contained in it. The drive can be copied and/or emailed with
no adverse effects to the drive. Don't be intimidated by the users
manual, the up front section will step through the process to create
a virtual drive in no time. If you want to know more then you can
learn all there is to know later in the manual.

I have been using it for over a year with no loss of date. Using
Windows encryption is very dependent upon account and passwords used
during creation and does not have the flexibility that True crypt has.

Marty

 

[Bob Harris]

To expand on the first reply.

The XP encryption is tied to the user account. Not the user name, not the
user password, but the account itself.

If XP has to be re-installed, even if you create the same user with the same
password, all XP-encrypted files will be UN-readable.

That is the importance of saving the "EFS certificate". With it you have a
chance of reading the files. Without it you don't.

The third-party encryption tools mentioned in the other replies have a more
traditional password system, and are not tied to the user account. They
offer strong encryption, if you really feel that you need that (sort of CIA
level), as opposed to casual encryption (to keep kids out). But, as with
any password based system, you need to pick a password that is (1) fairly
long, (2) not something obvious like your name, birthdate, etc, (3)
something you can remember, or feel comfortable writing down somewhere that
you can find later.

A possible alternative to encryption is to save the files on removeable
media (e.g., USB stick) and hide/lock that away.

Remember, the best approach to security depends on whom are trying to
prevent accessing the files.

 

[Allan]

To expand on the first reply.

The XP encryption is tied to the user account. Not the user name, not the
user password, but the account itself.

If XP has to be re-installed, even if you create the same user with the
same password, all XP-encrypted files will be UN-readable.

That is the importance of saving the "EFS certificate". With it you have
a chance of reading the files. Without it you don't.

The third-party encryption tools mentioned in the other replies have a
more traditional password system, and are not tied to the user account.
They offer strong encryption, if you really feel that you need that (sort
of CIA level), as opposed to casual encryption (to keep kids out). But,
as with any password based system, you need to pick a password that is (1)
fairly long, (2) not something obvious like your name, birthdate, etc, (3)
something you can remember, or feel comfortable writing down somewhere
that you can find later.

A possible alternative to encryption is to save the files on removeable
media (e.g., USB stick) and hide/lock that away.

Remember, the best approach to security depends on whom are trying to
prevent accessing the files.

Since the OP did not say who that "someone" might be, we might as well
assume that it is a reasonably capable attacker. As far as I know, EFS also
uses strong encryption algorithms but a lot of users have reported problems
with restoring user accounts and exporting certificates. Axcrypt also offers
a "weak" encryption level without using a digital key and just a passphrase
but I would not consider bothering to use it. As far as selecting a
passphrase, it should just be a "random" string of upper and lower case
letters,digits and other characters including spaces.
Besides the third-party encryption tools mentioned there are many others,
including proprietary source-code offerings. I have not tried any of them
but they may also be worthwhile at least for a trial installation. If I had
XP Pro instead of XP Home I might try to experiment with EFS first like many
others who have posted in this and other NGs, often with puzzlement and
confusion with unexpected results.